New Threats for a New Year: 2017 Predictions

According to Forrester’s Global Business Technographics Security Survey, 2016, 49% of global network security decision-makers report that they experienced at least one breach during the past 12 months.

Software vulnerabilities currently top the list of the most common types of external attacks and will continue to be near the top of the list, followed closely by user interactions (phishing, malicious links or email attachments), stolen credentials and web applications.

The rise of ransomware

Ransomware has been steadily on the rise throughout 2015 and 2016. In 2016, ransomware reached a staggering $1 billion industry and this will now become our top threat. Consumers have typically been targeted (especially in the affluent U.S.) because it’s less likely that individual users would have robust security in place.

Ransomware attacks on businesses

The long-term trend, however, has been a slow and steady rise in ransomware attacks on businesses. Criminals see a larger ransom potential with bigger companies, especially with wire-transfer email scams targeted at C-level executives.

Bug-poaching attacks, which involve attackers compromising corporate servers, stealing data (as proof of compromise), and requesting a fee for information on how the attack was carried out

Using freely available, dual-use tools to help gain a foothold and move through a network

Obtaining administrator credentials and using them for lateral movement

Conducting reconnaissance to gain information that could help criminals extort money from the target organization

Across the security industry, incident response teams are also noting that cybercriminals are transferring techniques usually used in advanced espionage attacks and implementing them for targeted ransomware infections.

Do you pay the ransomware to get your files?

Law enforcement discourages companies and individuals to pay the ransoms, as it only encourages further attacks and helps generate future malware. Plus, there’s no guarantee that your files will be returned.

But the problem lies in security vulnerabilities within companies. If automated backups and network files aren’t stored properly, then file backups that are supposed to be in place for emergencies (like ransomware locking users out of data) simply won’t do the job. Then companies pay up.

How can you work to avoid ransomware schemes?

Since email and exploit kits are the most common method of infection, consider using email-filtering services to block mail delivery or infected attachments.

Continually educate end users. False invoices and orders, or emails concerning banking security or credentials can often look very convincing.

○ Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).

○ Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.

As ransomware and cyber attacks continue to become big business, it’s more important than ever to strengthen your cybersecurity practices. Investing now will protect your company from any future threats.